- Le plus récent
- Le plus de votes
- La plupart des commentaires
I apologize for the delayed response. If you're still encountering this issue, I'd be happy to offer some solutions.
I think this issue could be related to the networking configuration, permissions, or the bucket itself.
-
Since your Grafana instance is accessible only from within the VPC or specific external IP addresses, you need to ensure that the CloudWatch Canary is configured to run within the same VPC. - Running a canary on a VPC
-
Also verify that the S3 bucket policy allows access from the IAM role assigned to the CloudWatch Canary. You can add a bucket policy statement similar to the following:
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "AWS": "arn:aws:iam::<YOUR_AWS_ACCOUNT_ID>:role/<CANARY_IAM_ROLE_NAME>" }, "Action": [ "s3:PutObject", "s3:GetObject", "s3:GetBucketLocation" ], "Resource": [ "arn:aws:s3:::thanos-syn-canary/*", "arn:aws:s3:::thanos-syn-canary" ] } ] }
For more examples on managing buckets with canned ACLs, you can refer to this section of the AWS documentation: Managing Buckets Using Canned ACLs.
Contenus pertinents
- demandé il y a un an
- demandé il y a 2 mois
- demandé il y a un an
- AWS OFFICIELA mis à jour il y a 7 mois
Could you clarify if the Grafana URL is Amazon Managed Grafana? If it is, there is an option when you deploy whether it is publicly accessible or only via VPC. Based on the option you choose the Grafana URL may not be reachable from the CloudWatch RUM.
EC2 Server that we use open source grafana. Is on public DNS and if your external IP is whitelisted it is open and it is also open from inside the VPC.